🐝 Alby vulnerabilities PoC

This page demonstrates a few ways to bypass Alby's security features. The Alby team is informed and most of these issues have been fixed. Currently, there is no direct confirmation if a payment failed or worked on this page, so be careful not to spend all your sats here. This page is written in simple HTML and JavaScript. You can easily verify what it's doing using "Inspect Element".

Vulnerabilities in Alby 1.7.0 and below

These do nothing in recent versions

i i

Vulnerabilities in Alby 1.8.0 and below

These should create a simple payment or "connect" dialog in more recent versions.

i i

Vulnerabilities in Alby 1.9.1 and below

These are not really dangerous, and only a minor issue